Truecrypt is really an ideal solution for this, is there any way to get admin to install or grant privileges to do so? Otherwise, a lot of external usb drives come with standalone encryption software, most of it's not particularly high grade but also mostly shouldn't require admin.
–
nedmMay 16 '09 at 18:47

Not always practicable to have admin rights, for example passing through someplace and having to use a PC in an internet café, with nobody else there having admin rights either.
–
Rob KamMay 16 '09 at 20:55

Truecrypt is NOT an ideal solution. It requires admin rights on the local machine.
–
GregDDec 1 '09 at 17:25

It will be difficult to do full disk encryption or even on-the-fly-encryption without drivers! The only thing that woudln't decrypt to the harddrive would be some programm that injects itself in userspace in every process and touches open calls etc.

As already mentioned Truecrypt is not an option that would run on any Windows XP installation. This is due to the fact that creating a "virtual" drive requires administrator privileges.
Without such a virtual drive you cannot:

use files on the usb drive from any software

run programs from it

Afaik the is no solution to overcome this limitation in a easy and secure way.
The simplest solution that would work everywhere is an encrypted archive file. 7Zip for example can use AES256 which is, combined with a sufficient long pass phrase, a good layer of privacy. 7zip is also available as es plain exe, so you could put it one the stick and take it with you.One thing you have to keep in mind: If you access an file from inside the archive it will be copied to the host temporary directory and possible not deleted securely.

Also I recently saw (on the Cebit, which is an Internationale IT fair in Germany) some AES encrypted usb drives which were explicitly advertised as being true AES combined with a host software which fed the encryption key. Sadly I haven't the name of the manufacturer in mind. But I'm convinced that there are some real solution if you are willing to pay the price (both: money and transfer rates).

I don't have experience with this but you may want to try iron key
Having a secure flash drive doesn't give complete protection, what if someone copys the files from the drive to there personal computer and that computer gets stolen, a trogen horse gets installed on a computer they access the drive from, etc.

Not looking to have complete protection, just enough to have some security against casual inspection, say if inadvertently leaving the drive available somewhere for a few hours.
–
Rob KamMay 16 '09 at 22:51

I use an IronKey. It's great, not just for easy-to-use encryption (without needing admin rights) but also for the identity manager and other inclusions. It works on both my Windows and Linux PCs. The enterprise admin is a good addition if you have multiple IronKey users.
–
WilliamMar 5 '10 at 1:33

We use Lexar JumpDrive Secure for our USB keys. The key have 2 partitions, one that is accessible by anyone, and one that is encrypted. The public partition contains the software to access the private part, so make sure you use a strong pass phrase. It works well with windows xp, but not on linux. The old versions we have doesn't work on vista, but the new ones are suppose to work fine.

You can achieve the same with any USB key and TrueCrypt, which works everywhere. The only solution that doesn't involve installing something on the host would be to use a USB key that uses hardware/biometric encryption. Saddly I can't recommend any, but do a search for "biometric USB key" or "hardware encryption USB key".
–
IvanMay 16 '09 at 15:22

EFS has been broken and is useless for all practical purposes on the host computer: securitysoftwarezone.com/… . However it would not be possible to break encryption having only a USB key with EFS protected files.
–
MikeMay 17 '09 at 11:09

Iron key is great, it has encryption hardware inside. It works everywhere because it doesn't need privileges (nothing to install), and is really secure (used by usa military). After 10 bad try, the inside of they key get a fatal liquid free up.